Untitled

a guest
Jun 15th, 2018
  1. <?php
  2.  
  3. class User {
  4.  
  5. ##############################################
  6.  
  7. /* Program Cache */
  8. private $error; // stores the program error, this is the next to top level error. We can grab this through get_error();
  9.  
  10. ##############################################
  11.  
  12. /**
  13. * is_logged_in function.
  14. * Determines if a user is logged in or not.
  15. * @access public
  16. * @return void
  17. */
  18. public function is_logged_in() {
  19. if(isset($_SESSION['user_id'])) {
  20.  
  21. $user_id = $_SESSION['user_id'];
  22.  
  23. $check = $this->database->num_rows_fq("SELECT * FROM `users` WHERE `id`='$user_id' AND `rank` <> 'banned'");
  24.  
  25. if($check == 0) {
  26. return false;
  27. } else {
  28. return true;
  29. }
  30.  
  31. } else {
  32. return false;
  33. }
  34. }
  35.  
  36. public function not_logged_in($page) {
  37. $_SESSION['return_page'] = $page;
  38. $this->core->redirect('login.php');
  39. }
  40.  
  41. ######################
  42. # Register Functions #
  43. ######################
  44.  
  45. public function register($username, $password, $confirm_password, $email, $rank = 'user', $activated = '0') {
  46. if(empty($username) || empty($password) || empty($confirm_password) || empty($email)) {
  47. $this->error = "All fields are required.";
  48. return false;
  49. }
  50.  
  51. if($password != $confirm_password) {
  52. $this->error = "Your passwords do not match up.";
  53. return false;
  54. }
  55.  
  56.  
  57. if(!$this->valid_email($email)) {
  58. $this->error = "That is not a correct e-mail address.";
  59. return false;
  60. }
  61.  
  62. if(!$this->check_username($username)) {
  63. $this->error = "That username is already in use.";
  64. return false;
  65. }
  66.  
  67. if(!$this->check_email($email)) {
  68. $this->error = "That e-mail address is already in use.";
  69. return false;
  70. }
  71.  
  72. $time = time();
  73. $ip = $_SERVER["REMOTE_ADDR"];
  74.  
  75. $password_enc = md5($password);
  76.  
  77. $this->database->query("INSERT INTO `users` (username, password, email, registered, ip, activated, unencrypted, rank) VALUES('$username', '$password_enc', '$email', '$time', '$ip', '$activated', '$password', '$rank')");
  78.  
  79. return true;
  80. }
  81.  
  82. /**
  83. * valid_email function.
  84. * Checks to see if an e-mail is the right format.
  85. * @access public
  86. * @param mixed $email
  87. * @return void
  88. */
  89. public function valid_email($email) {
  90. if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
  91. return true;
  92. } else {
  93. return false;
  94. }
  95. }
  96.  
  97. /**
  98. * check_username function.
  99. * Checks to see if a username is in use.
  100. * @access public
  101. * @param mixed $username
  102. * @return void
  103. */
  104. public function check_username($username) {
  105. $check = $this->database->num_rows_fq("SELECT * FROM `users` WHERE `username`='$username'");
  106.  
  107. if($check == 0) {
  108. return true; // not in use
  109. } else {
  110. return false; // in use
  111. }
  112. }
  113.  
  114. /**
  115. * check_email function.
  116. * Checks to see if an email is in use.
  117. * @access public
  118. * @param mixed $email
  119. * @return void
  120. */
  121. public function check_email($email) {
  122. $check = $this->database->num_rows_fq("SELECT * FROM `users` WHERE `email`='$email'");
  123.  
  124. if($check == 0) {
  125. return true; // not in use
  126. } else {
  127. return false; // in use
  128. }
  129. }
  130.  
  131. ###################
  132. # Login Functions #
  133. ###################
  134.  
  135. /**
  136. * login function.
  137. * Performs a login on a user.
  138. * @access public
  139. * @param mixed $username
  140. * @param mixed $password
  141. * @return void
  142. */
  143. public function login($username, $password) {
  144. if(empty($username) || empty($password)) {
  145. $this->error = "You have left a field blank.";
  146. return false;
  147. }
  148.  
  149. if(!$this->check_username_login($username)) {
  150. $this->error = "You have entered an invalid username.";
  151. return false;
  152. }
  153.  
  154. if(!$this->check_password_login($username, $password)) {
  155. $this->error = "You have entered an invalid password.";
  156. return false;
  157. }
  158.  
  159. if($this->core->settings->get_setting('admin_only_login') == 1) {
  160. $ranks = $this->core->settings->get_setting('login_groups');
  161. $ranks = explode(',', $ranks);
  162.  
  163. $accepted = false;
  164.  
  165. foreach($ranks as $rank) {
  166. if($this->is_rank($rank, $this->username_to_id($username))) {
  167. $accepted = true;
  168. break;
  169. }
  170. }
  171.  
  172. if($accepted == false) {
  173. $this->error = "Only certain users can login at this current time.";
  174. return false;
  175. }
  176. }
  177.  
  178. $this->set_sessions($username);
  179.  
  180. /* Do event. */
  181. $time = time();
  182. $message = "{$username} just logged in!";
  183. $this->database->query("INSERT INTO `events` (type, time, message) VALUES('login', '$time', '$message')");
  184.  
  185. $return_page = $_SESSION['return_page'];
  186.  
  187. if($return_page != "") {
  188. $_SESSION['return_page'] = "";
  189. $this->core->redirect($return_page);
  190. }
  191.  
  192. return true;
  193. }
  194.  
  195. /**
  196. * set_sessions function.
  197. * Sets the sessions for a user.
  198. * @access private
  199. * @param mixed $username
  200. * @return void
  201. */
  202. private function set_sessions($username) {
  203. $_SESSION['user_id'] = $this->username_to_id($username);
  204. }
  205.  
  206. /**
  207. * check_username_login function.
  208. * Check whether or not a username exists.
  209. * @access public
  210. * @param mixed $username
  211. * @return void
  212. */
  213. public function check_username_login($username) {
  214. $check = $this->database->num_rows_fq("SELECT * FROM `users` WHERE `username`='$username'");
  215. if($check != 0) {
  216. return true;
  217. } else {
  218. return false;
  219. }
  220. }
  221.  
  222. /**
  223. * check_password_login function.
  224. * Checks whether a password is right for a username.
  225. * @access public
  226. * @param mixed $username
  227. * @param mixed $password
  228. * @return void
  229. */
  230. public function check_password_login($username, $password) {
  231. $password = md5($password);
  232. $check = $this->database->num_rows_fq("SELECT * FROM `users` WHERE `username`='$username' AND `password`='$password' AND `rank` <> 'banned'");
  233. if($check != 0) {
  234. return true;
  235. } else {
  236. return false;
  237. }
  238. }
  239.  
  240. /**
  241. * logout function.
  242. * Perform a logout & event on a user.
  243. * @access public
  244. * @return void
  245. */
  246. public function logout() {
  247.  
  248. $time = time();
  249. $username = $this->get_detail("username");
  250. $message = "{$username} just logged out!";
  251. $this->database->query("INSERT INTO `events` (type, time, message) VALUES('logout', '$time', '$message')");
  252.  
  253. unset($_SESSION['user_id']);
  254. $this->core->redirect('index.php');
  255. }
  256.  
  257. ##################
  258. # User Functions #
  259. ##################
  260.  
  261. /**
  262. * username_to_id function.
  263. * Converts a username to a database user ID.
  264. * @access public
  265. * @param mixed $username
  266. * @return void
  267. */
  268. public function username_to_id($username) {
  269. $this->database->query("SELECT `id` FROM `users` WHERE `username`='$username'");
  270. $detail = $this->database->fetch_object();
  271.  
  272. return $detail->id;
  273. }
  274.  
  275. /**
  276. * get_detail function.
  277. * Gets a specific detail about a user.
  278. * @access public
  279. * @param mixed $field
  280. * @param string $user_id. (default: '')
  281. * @return void
  282. */
  283. public function get_detail($field, $user_id = '') {
  284. $user_id = ($user_id == '') ? $_SESSION['user_id'] : $user_id;
  285. $this->database->query("SELECT `$field` FROM `users` WHERE `id`='$user_id'");
  286. $detail = $this->database->fetch_object();
  287.  
  288. return $detail->$field;
  289. }
  290.  
  291. /**
  292. * is_rank function.
  293. * Determines if a user is a specific rank or not.
  294. * @access public
  295. * @param mixed $rank
  296. * @param string $user_id. (default: '')
  297. * @return void
  298. */
  299. public function is_rank($rank, $user_id = '') {
  300. $user_id = ($user_id == '') ? $_SESSION['user_id'] : $user_id;
  301.  
  302. $user_rank = $this->get_detail('rank', $user_id);
  303.  
  304. if($user_rank == $rank) {
  305. return true;
  306. } else {
  307. return false;
  308. }
  309. }
  310.  
  311. /**
  312. * check_id function.
  313. * Checks a specific user ID in the database, existance.
  314. * @access public
  315. * @param mixed $user_id
  316. * @return void
  317. */
  318. public function check_id($user_id) {
  319. $check = $this->database->num_rows_fq("SELECT * FROM `users` WHERE `id`='$user_id'");
  320.  
  321. if($check == 0) {
  322. return false;
  323. } else {
  324. return true;
  325. }
  326. }
  327.  
  328. /**
  329. * delete_user function.
  330. * Deletes a user.
  331. * @access public
  332. * @param mixed $user_id
  333. * @return void
  334. */
  335. public function delete_user($user_id) {
  336. $this->database->query("DELETE FROM `users` WHERE `id`='$user_id'");
  337. }
  338.  
  339. /**
  340. * update_field function.
  341. * Updates a field for a user.
  342. * @access public
  343. * @param mixed $field
  344. * @param mixed $value
  345. * @param string $user_id. (default: '')
  346. * @return void
  347. */
  348. public function update_field($field, $value, $user_id = '') {
  349. $user_id = ($user_id == '') ? $_SESSION['user_id'] : $user_id;
  350. $this->database->query("UPDATE `users` SET `$field`='$value' WHERE `id`='$user_id'");
  351. }
  352.  
  353. #####################
  354. # Program Functions #
  355. #####################
  356.  
  357. /**
  358. * get_error function.
  359. * Gets the program error for this class and returns it.
  360. * @access public
  361. * @return void
  362. */
  363. public function get_error() {
  364. return $this->error;
  365. }
  366.  
  367. }